Browser Lock Custom PIN Removed?

Browser Lock custom PIN has been removed? Previous version I could create a PIN or use the phones PIN or Face ID. I do not want to use phone PIN or FaceID. I always had my own custom PIN.

I’ll want to find another browser if that’s the case.

2 Likes

This was one of the primary reasons I used this app so the loss of this feature may have me reconsidering. very frustrating

1 Like

Ya not sure why such a simple feature was removed. Hopefully updates to return it. Otherwise I’ll be looking for an alternate as well.

Brave iOS coders have, for a long time, been trying to resolve various bugs related to the Passcode protection for Logins.

They resolved (at least for now, as far as I can tell) to borrow/use the Apple iDevice authentication . . . and we are locked out (for now, at least) from manually editing and changing the Passcode for Logins:

The issue at GitHub (for Brave iOS), you might take a look:

You may notice, over on the right, at that webpage, the Linked issues:

Screen Shot 2021-08-05 at 10.27.46 AM

When at that webpage, you may hover your mouse over those and get a brief idea, or you may click on them to read more.

1 Like

Totally agree. I would like to be able to use different credentials for brave than for my
iPhone. After all, there is a lot of browsing history and passwords in there. At least, I find that comfy compared to Private browsing and was more comfortable with having a separate password for it

2 Likes

I concur with the others. I don’t want to use my iPhone passcode for Brave. What if that passcode is compromised? With the previous lock my browser would STILL be secure. This was a bad idea and whoever allowed it to be implemented, IMO, made a huge mistake.

Please don’t allow that mistake to stay. Please!!

2 Likes

We originally simplified this feature to ensure that it works properly for it’s intended purpose – to make sure the person viewing the app is the owner of the device. Further, if someone knows your device PIN – with or without a custom PIN set in the browser – they would still be able to access your data since the PIN/browser was not used to encrypt the data itself.

The browser “lock” was not actually a “security” feature but more of a “UI block”. That is, it was intended to prevent scenario where you (for example) hand someone your device but you left your browser open". This would prevent them from digging around in Brave should they open the app.

So, unless I’m mistaken, the primary concern here is that a “bad actor” who wants your sensitive data like your passwords, would not be able to get that data due to the browsers PIN. However, if they really want this data, the bad actor who has access to your PIN/device would not need to open the browser to at all in order to get this data. They could, for example, simply unlock your device (because they know the device PIN/pass) and make an unencrypted iTunes backup of all your files and access them that way.

Additionally, that PIN code implementation had several bugs that made it more trouble than it was preventing. For example, if you forgot your Brave PIN code, you would not be able to get back into the App.

The bugs that were present in the previous implementation have been fixed with the new implementation. Further, the best way to prevent bad actors or unwanted parties from accessing your device is to ensure that you have a device unlock PIN set and/or biometrics set for the device and not share that information with anyone.

2 Likes

So the question is, will this feature be added back? Not trying to be an a$$ but it’s a deal breaker for me so looking to find out in case I need to look for another browser.

Personally, I really dislike this for two reasons. 1) I hate having to use my face id. When I regularly open my phone, since I often look at it while laying down or with a mask on, I usually just click use password and enter my password easily. Instead, now I can’t disable the face id for brave, and it takes two failed attempts to allow me to enter my password. If I could just bypass to the password, it would be much better but I would still dislike it for my second reason.
2) I have friends who knows my phone password, and while I’m alright with them using it to get into my phone to play a game or help me send a text while driving, I don’t want them to have access to my browser history. I loved the fact that I could have a completely separate password for brave that I also didn’t have to just my face id for and now that’s just gone. It was pretty much the only reason I use brave on my phone. I think I will be looking for another app to use now with this prime functionality gone.

2 Likes

Same reason. I have friends and family that know my phone code and I’d like my browser not on the same code. The “bad actor” reference is off base and does not apply here. The code was used by many to separate the browser from the phone for a security reason wether Braves intention was not so.

This is the reason I use Brave over other browsers and if this feature can not be re added will be the reason I’ll need to delete the app and not use the app.

1 Like

Yeah, for whatever reason this change was made, and I’m still not clear on what that was since I’m not quite THAT tech-savy and up on all the lingo. What I do know is, like the few others here that chimed in, if it stays like this I’ll be really upset for a lot of the same reasons as the others. I liked the separation factor of the old way and hate the way it is now. The problem for me is Brave is the only browser of the 4 I have installed, that can open certain websites I visit almost daily. So if I need to continue to visit those sites on a regular basis, I won’t be able to without Brave browser and no matter how much weight it carries, IMO, that really sucks!!! If it ain’t broke, don’t fix it!!|

1 Like

Will this be fixed in an update or simply not returning and done with Brave?

Update: Removing Brave for one that allows for a passcode for privacy reasons. Will look back to Brave if the bug is update/fixed.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.